7 matches found
Xoops 1.3.x/2.0 MyTextSanitizer HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7434/info A HTML injection vulnerability has been discovered in Xoops. The problem occurs due to insufficient filtering of HTML and script code by the MyTextSanitizer script. Successful exploitation of this vulnerability...
CVE-2003-1453
Cross-site scripting XSS vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag...
CVE-2003-1453
The vulnerability is an XSS in XOOPS MytextSanitizer affecting XOOPS 1.3.5–1.3.9 and 2.0–2.0.1, exploitable via a javascript: URL in an IMG tag to inject arbitrary script/HTML. The provided documents do not include concrete exploit details, affected product versions beyond those ranges, or a reme...
CVE-2003-1453
Cross-site scripting XSS vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag...
Xoops 1.3.x2.0 MyTextSanitizer - HTML Injection
Xoops 1.3.x2.0 MyTextSanitizer - HTML Injection source: https://www.securityfocus.com/bid/7434/info A HTML injection vulnerability has been discovered in Xoops. The problem occurs due to insufficient filtering of HTML and script code by the MyTextSanitizer script. Successful exploitation of this...
Xoops 1.3.x/2.0 MyTextSanitizer - HTML Injection
source: https://www.securityfocus.com/bid/7434/info A HTML injection vulnerability has been discovered in Xoops. The problem occurs due to insufficient filtering of HTML and script code by the MyTextSanitizer script. Successful exploitation of this vulnerability may allow a malicious Xoops user t...
XOOPS MyTextSanitizer CSS 1.3x & 2.x
Author: Doxical & Magistrat http://www.blocus-zone.com Date: 25/04/2003 Object: XOOPS MyTextSanitizer Filtering Bug Allows Remote Users to Conduct Cross-Site Scripting Attacks in many modules: News, newbb, private messages, signatures etc... Impact: Disclosure of authentication information,...